Author Topic: FBI: Networks exposed to attacks due to Windows 7 end of life  (Read 81 times)

Online javajolt

  • Administrator
  • Hero Member
  • *****
  • Posts: 35126
  • Gender: Male
  • I Do Windows
    • windows10newsinfo.com
FBI: Networks exposed to attacks due to Windows 7 end of life
« on: August 05, 2020, 02:02:47 PM »
The U.S. Federal Bureau of Investigation (FBI) has warned private industry partners of increased security risks impacting computer network infrastructure because of devices still running Windows 7 after the operating system reached its end of life on January 14.

"The FBI has observed cybercriminals targeting computer network infrastructure after an operating system achieves end of life status," the FBI said in a private industry notification (PIN) issued yesterday.

"Continuing to use Windows 7 within an enterprise may provide cybercriminals access into computer systems.

"As time passes, Windows 7 becomes more vulnerable to exploitation due to lack of security updates and new vulnerabilities discovered."

After reaching its end of support earlier this year, Windows 7 no longer receives free software updates and security updates or fixes unless customers get an Extended Security Update (ESU) program subscription that will allow them to receives security updates for an additional three years.

The Extended Security Updates program is available for Windows 7 Professional, Windows 7 Enterprise, and Windows 7 Ultimate only via volume licensing programs, and it does not include or provide customers with new features, user-requested non-security updates, or design change requests.

Even though Microsoft says that upgrading to Windows 10 from Windows 7 for free was only available until July 29, 2016, free Windows 10 upgrades are still a thing if you follow this step by step Windows 10 upgrade procedure that involves running the Media Creation Tool and choosing the 'Upgrade this PC now' option on Windows 7 computers.


Windows 7 end of support notification
Organizations advised to upgrade Windows 7 devices

The FBI cautions that an actively supported operated system is the best way to mitigate newly discovered security flaws since it automatically receives security updates as soon as they're delivered by the vendor.

Even though the process of migrating a whole fleet of Windows 7 devices to a supported OS comes with its challenges including software and hardware costs, these hurdles are negligible when compared to the security risks organizations face if they don't take upgrade such systems.

"Increased compromises have been observed in the healthcare industry when an operating system has achieved end of life status," the FBI says. "After the Windows XP end of life on 28 April 2014, the healthcare industry saw a large increase of exposed records the following year."

Organizations that cannot immediately update Windows 7 systems to a supported operating system are advised to take the following defensive measures to defend their networks from attacks:

Quote
• Ensuring anti-virus, spam filters, and firewalls are up to date, properly configured, and secure.

• Auditing network configurations and isolate computer systems that cannot be updated.

• Auditing your network for systems using RDP, closing unused RDP ports, applying two-factor authentication wherever possible, and logging RDP login attempts.

Windows 7 flaws targeted in previous attacks

The U.S. domestic intelligence and security service also reminds of past vulnerabilities impacting Windows 7, fixed by Microsoft, and later used by threat actors in attacks targeting vulnerable Internet-connected devices.

Among these, the FBI mentions the critical and wormable BlueKeep remote code execution (RCE) vulnerability impacting the Windows Remote Desktop Services (RDS) platform, fixed by Microsoft in May 2019, and of the increasing interest shown by threat actors in compromising devices unpatched against Remote Desktop Protocol (RDP) flaws.

The agency also brings up WannaCry ransomware that used NSA's ETERNALBLUE exploit and the DOUBLEPULSAR Windows kernel Ring-0 exploit to spread and infect more than 57,000 devices around the world in 2017.

Microsoft patched the vulnerability used by ETERNALBLUE in March 2017 but this did not stop the attacks because Windows 7 users failed to update their systems in time and, in the aftermath, "98 percent of systems infected with WannaCry employed Windows 7 based operating systems," according to the FBI.

"With fewer customers able to maintain a patched Windows 7 system after its end of life, cyber criminals will continue to view Windows 7 as a soft target," the FBI concludes.

source